207 matches found
Moderate: Red Hat Security Advisory: rh-php56 security, bug fix, and enhancement update
An update for rh-php56, rh-php56-php, and rh-php56-php-pear is now available for Red Hat Software Collections. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is...
Discuz! X remote command execution vulnerability via SSRF
Content source: Security Think Tank. 0x01 Preparation: jannock reported a conditional remote command execution in Discuz that affects many large sites. Details have not been published online; in a security public account I saw jannock briefly describe the principle: it is an SSRF + redis/memcache issue,...
Pornhub: Unprotected Memcache Installation running
The consultant was able to connect to the stage.pornhub.com subdomain via port 60893, it was determined that the target host was running memcached and required no authentication...
[SECURITY] Fedora 23 Update: php-doctrine-cache-1.4.2-1.fc23
Cache component extracted from the Doctrine Common project. Optional: APC (php-pecl-apc), Couchbase (http://pecl.php.net/package/couchbase), Memcache (php-pecl-memcache), Memcached (php-pecl-memcached), MongoDB (php-pecl-mongo), Redis (php-pecl-redis), Riak (http://pecl.php.net/package/riak), XCache (php-xcache)...
[SECURITY] Fedora 22 Update: php-doctrine-cache-1.4.2-1.fc22
Cache component extracted from the Doctrine Common project. Optional: APC (php-pecl-apc), Couchbase (http://pecl.php.net/package/couchbase), Memcache (php-pecl-memcache), Memcached (php-pecl-memcached), MongoDB (php-pecl-mongo), Redis (php-pecl-redis), Riak (http://pecl.php.net/package/riak), XCache (php-xcache)...
[SECURITY] Fedora 21 Update: php-doctrine-cache-1.4.2-1.fc21
Cache component extracted from the Doctrine Common project. Optional: APC (php-pecl-apc), Couchbase (http://pecl.php.net/package/couchbase), Memcache (php-pecl-memcache), Memcached (php-pecl-memcached), MongoDB (php-pecl-mongo), Redis (php-pecl-redis), Riak (http://pecl.php.net/package/riak), XCache (php-xcache)...
vBulletin x.x.x rce "0day"
Not really a 0day since it's fixed in some versions, but still an exploit that doesn't seem to be "that" public. Please note, I didn't find this. vBulletin's memcache setting is vulnerable in certain versions (all before 4.2.2) to an RCE. vBulletin seem to have refused to classify it as a...
vBulletin 4.2.2 - Memcache Remote Code Execution
vBulletin 4.2.2 - Memcache Remote Code Execution. vBulletin's memcache setting is vulnerable in certain versions (all before 4.2.2) to an RCE. vBulletin seem to have refused to classify it as a vulnerability or post anything about it, or put anything in the announcements on their website. They say "P...
vBulletin < 4.2.2 - Memcache Remote Code Execution
vBulletin's memcache setting is vulnerable in certain versions (all before 4.2.2) to an RCE. vBulletin seem to have refused to classify it as a vulnerability or post anything about it, or put anything in the announcements on their website. They say "PL2 4.2.2 should prevent the use of localhost,"...
vBulletin 4.2.2 Memcache Remote Code Execution Exploit
vBulletin versions prior to 4.2.2 suffer from a memcache related remote code execution vulnerability. Not really a 0day since it's fixed in some versions, but still an exploit that doesn't seem to be "that" public. Please note, I didn't find this. vBulletin's memcache setting is vulnerable in...
vBulletin Memcache Remote Code Execution
Not really a 0day since it's fixed in some versions, but still an exploit that doesn't seem to be "that" public. Please note, I didn't find this. vBulletin's memcache setting is vulnerable in certain versions (all before 4.2.2) to an RCE. vBulletin seem to have refused to classify it as a...
Moderate: Red Hat Security Advisory: php55 security and bug fix update
Updated php55 collection packages that fix multiple security issues and several bugs are now available as part of Red Hat Software Collections 2. Red Hat Product Security has rated this update as having Moderate security impact. Common Vulnerability Scoring System (CVSS) base scores, which give...
Security fix for the ALT Linux 8 package proftpd version 1.3.5-alt1.gita31d0ab
May 20, 2015 Konstantin Lepikhov 1.3.5-alt1.gita31d0ab - Updated to 1.3.5-a31d0ab GIT fixing the following CVEs: + CVE-2013-4359. - Include the fix for Bug 4169 (Unauthenticated copying of files via SITE CPFR/CPTO allowed by mod_copy). - Configuration changes: + enabled pcre support; + enabled memcache...
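A ThinkSNS issue leads to user information disclosure
Brief description: 233 Detailed description: demo.thinksns.com memcache 218.244.149.144:11211 Proof of vulnerability:...
An issue at 53KF leaks administrator information
Brief description: 233 Detailed description: tw.53kf.com memcache (in fact, many domain names resolve to this IP) 60.191.223.46:11211 Proof of vulnerability:...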
SUSE-RU-2015:0462-1 Recommended update for crowbar-barclamp-nova_dashboard
This update for crowbar-barclamp-nova_dashboard provides stability fixes from the upstream OpenStack project: Use a host specific memcache key for django_compressor (bnc#894070). Add Requires on crowbar-barclamp-openstack for the new crowbar-openstack cookbook. Use helpers from new crowbar-openstack...
[SECURITY] Fedora 19 Update: php-doctrine-orm-2.4.2-2.fc19
Object relational mapper (ORM) for PHP that sits on top of a powerful database abstraction layer (DBAL). One of its key features is the option to write database queries in a proprietary object oriented SQL dialect called Doctrine Query Language (DQL), inspired by Hibernate's HQL. This provides...
[SECURITY] Fedora 20 Update: php-doctrine-orm-2.4.2-2.fc20
Object relational mapper (ORM) for PHP that sits on top of a powerful database abstraction layer (DBAL). One of its key features is the option to write database queries in a proprietary object oriented SQL dialect called Doctrine Query Language (DQL), inspired by Hibernate's HQL. This provides...
openstack-keystone: trustee token revocation does not work with memcache backend
The memcache token backend in OpenStack Identity (Keystone) 2013.1 through 2.013.1.4, 2013.2 through 2013.2.2, and icehouse before icehouse-3, when issuing a trust token with impersonation enabled, does not include this token in the trustee's token-index-list, which prevents the token from being...
python-keystoneclient: Potential context confusion in Keystone middleware
The auth_token middleware in the OpenStack Python client library for Keystone (aka python-keystoneclient) before 0.7.0 does not properly retrieve user tokens from memcache, which allows remote authenticated users to gain privileges in opportunistic circumstances via a large number of requests, relat...